444946a7935918d83a63fac1b34598f45d98d817a15a530a3a6c02b707dba0a5

Sharing

Copy URL

Twitter E-mail

General

Target

444946a7935918d83a63fac1b34598f45d98d817a15a530a3a6c02b707dba0a5
Size

891KB
MD5

5434440899fac616e43d8bb3e9a54c10
SHA1

7b2a0d508283800c74ec2f578dd433e966123cd1
SHA256

444946a7935918d83a63fac1b34598f45d98d817a15a530a3a6c02b707dba0a5
SHA512

a7a8c781af10db4cf946e6144d11350fc85cc6978b3d5af77dc25cf474ebb700fcd0e9c45d7e3249b6cb81ffa16d25e282a4152e7a1bce3ad59d246506a09ff1
SSDEEP

24576:qrX9M2+PMaSYCiSSXqjjm3nu5qPQjpQ3O1m:gX9M2+PMleXqjq3u5ZpQ3O

Score

N/A

Malware Config

Signatures

Files

444946a7935918d83a63fac1b34598f45d98d817a15a530a3a6c02b707dba0a5
.exe windows x86

6d12a89808e2c0536128c0a7ae731b84

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

SetSecurityDescriptorDacl
AddAccessAllowedAce
RegOpenKeyW
RegQueryInfoKeyW
CloseServiceHandle
GetLengthSid
AdjustTokenPrivileges
GetTokenInformation
CloseServiceHandle
InitializeSecurityDescriptor
RegOpenKeyW
GetLengthSid
InitializeSecurityDescriptor
RegOpenKeyExA
InitializeSecurityDescriptor
InitializeSecurityDescriptor
CloseServiceHandle
GetTokenInformation
GetLengthSid
RegDeleteKeyW
FreeSid
RegEnumValueW
RegQueryInfoKeyW
GetLengthSid
InitializeAcl
RegEnumValueW
RegEnumKeyExW
OpenThreadToken
GetTokenInformation
GetTokenInformation
RegCloseKey
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
GetTokenInformation
RegDeleteKeyW
OpenProcessToken
GetTokenInformation
GetTokenInformation
FreeSid
RegOpenKeyExW
InitializeAcl
CloseServiceHandle
RegOpenKeyW
CloseServiceHandle
InitializeAcl
RegOpenKeyExA
RegQueryInfoKeyW
RegCreateKeyExW
RegOpenKeyExA
CloseServiceHandle
OpenProcessToken
OpenProcessToken
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegSetValueExA
RegCreateKeyExA
RegOpenKeyW
GetTokenInformation
InitializeAcl
RegOpenKeyW
RegOpenKeyExA
SetSecurityDescriptorDacl
RegQueryValueExW
OpenThreadToken
InitializeSecurityDescriptor
RegCreateKeyExA
RegQueryInfoKeyW
RegQueryInfoKeyW
RegSetValueExW
RegDeleteKeyW
RegEnumValueW
AdjustTokenPrivileges
RegOpenKeyW
OpenThreadToken
RegEnumKeyExW
RegCreateKeyExW
RegQueryValueExW
FreeSid
RegDeleteValueW
RegCreateKeyExW
GetLengthSid
GetLengthSid
RegEnumKeyExW
RegQueryValueExW
CloseServiceHandle
FreeSid
RegQueryValueExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
AdjustTokenPrivileges
RegDeleteValueW
InitializeSecurityDescriptor
AdjustTokenPrivileges
RegQueryValueExA
RegEnumValueW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid
RegDeleteValueW
RegDeleteKeyW
GetTokenInformation
InitializeSecurityDescriptor
RegQueryValueExW
RegOpenKeyExW
AddAccessAllowedAce
GetLengthSid
RegCreateKeyExW
InitializeAcl
OpenProcessToken
RegEnumKeyExW
AllocateAndInitializeSid
RegEnumValueW
RegCreateKeyExW
RegEnumValueW
SetSecurityDescriptorDacl
RegQueryValueExA
RegCloseKey
RegOpenKeyW
RegEnumKeyExW
RegQueryValueExA
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
GetLengthSid
InitializeAcl
RegQueryValueExW
InitializeAcl
RegCloseKey
GetTokenInformation
FreeSid
RegQueryInfoKeyW
AddAccessAllowedAce
RegOpenKeyExA
RegDeleteKeyW
RegSetValueExW
RegQueryValueExA
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
GetLengthSid
RegCloseKey
RegSetValueExA
OpenProcessToken
InitializeAcl
RegEnumKeyExW
InitializeAcl
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW
CloseServiceHandle
RegSetValueExA
RegCloseKey
InitializeAcl
InitializeAcl
RegCloseKey
RegCloseKey
RegSetValueExW
AddAccessAllowedAce
RegCreateKeyExA
RegSetValueExA
RegQueryInfoKeyW
RegDeleteKeyW
RegQueryValueExA
InitializeAcl
RegQueryValueExW

kernel32

ReadConsoleOutputAttribute
UpdateResourceW
GetDriveTypeA
GetProcessAffinityMask
GetDriveTypeA
GetDriveTypeA
GetDriveTypeA
PurgeComm
GetDriveTypeA
GetDriveTypeA
FillConsoleOutputCharacterA
GetDriveTypeA
GetTapeStatus
ClearCommError
EnumDateFormatsW
GetDriveTypeA
DosDateTimeToFileTime
GetDriveTypeA
HeapCreate
GetExitCodeThread
GetTempPathA
CopyFileA
VerLanguageNameW
DefineDosDeviceA
GetConsoleCursorInfo
GetLogicalDriveStringsA
GetDriveTypeA
GetDriveTypeA
FreeEnvironmentStringsA
HeapWalk
GetDriveTypeA
GetDriveTypeA
GetDriveTypeA
SetErrorMode
CloseHandle
GetDriveTypeA
GetDriveTypeA
CreateJobObjectW
GetThreadPriority
GetDriveTypeA
GetDriveTypeA
GetDriveTypeA
GetShortPathNameA
GetDriveTypeA
GetDriveTypeA
SetErrorMode
lstrcmpiW
BackupSeek
OpenWaitableTimerW
UpdateResourceW
GetDriveTypeA
CreateTapePartition

Sections

.nbpy
Size: 212KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qqeu
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.clrb
Size: 9KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vrni
Size: 644KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6d12a89808e2c0536128c0a7ae731b84

Headers

File Characteristics

Imports

advapi32

kernel32

Sections

.nbpy Size: 212KB - Virtual size: 236KB

.qqeu Size: 8KB - Virtual size: 12KB

.clrb Size: 9KB - Virtual size: 192KB

.vrni Size: 644KB - Virtual size: 2.4MB

.nbpy
Size: 212KB - Virtual size: 236KB

.qqeu
Size: 8KB - Virtual size: 12KB

.clrb
Size: 9KB - Virtual size: 192KB

.vrni
Size: 644KB - Virtual size: 2.4MB